开发者

AntiForgery Exception: A required anti-forgery token was not supplied or was invalid

开发者 https://www.devze.com 2023-03-22 12:07 出处:网络
I have an MVC2 application. I am trying to implement AntiForgeryToken helper to prevent CSRF attacks.

I have an MVC2 application. I am trying to implement AntiForgeryToken helper to prevent CSRF attacks.

I am implementing this using Steve Sanderson's blog: http://blog.stevensanderson.com/2008/09/01/prevent-cross-site-request-forgery-csrf-using-aspnet-mvcs-antiforgerytoken-helper/

When I implement this in a NEW MVC2 project it works. But the same code when I put it in my REAL application, it ALWAYS throws this exception: A required anti-forgery token was not supplied or was invalid.

Here is my Controller code:

[ValidateAntiForgeryToken]
public ActionResult SubmitUpdate()
{

    // Something goes here
    return View();
}

Code in View:

<% using (Html.BeginForm("SubmitUpdate", "Test"))
   {%>
   <开发者_如何学Python;%= Html.AntiForgeryToken() %>
       <input type="submit" value="Submit" />
<% } %>

There is no difference in the two apps except that the real application uses ADFS for autentication. What am I missing? Any help will be highly appreciated. Thanks!


Have you tried deleting your cookies and trying again?


Answer may lie in the answer to this question regarding a KB patch as well as ensuring the Machine key is static between all servers in your farm/cluster etc.

0

精彩评论

暂无评论...
验证码 换一张
取 消